libibverbs must refuse to load arbitrary shared objects.
This patch check the configuration directory and files for
- being owned by root;
- not being writable by others.
Signed-off-by: Yann Droneaud <ydrone...@opteya.com>
---
src/init.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/init.c b/src/init.c
index 1981da7..a37b57d 100644
--- a/src/init.c
+++ b/src/init.c
@@ -294,10 +294,24 @@ static void read_config_file(const char *path)
static void read_config(void)
{
+ struct stat buf;
DIR *conf_dir;
struct dirent *dent;
char *path;
+ if (stat(IBV_CONFIG_DIR, &buf) || !S_ISDIR(buf.st_mode)) {
+ fprintf(stderr, PFX "Warning: couldn't stat config directory
'%s'.\n",
+ IBV_CONFIG_DIR);
+ return;
+ }
+
+ if (buf.st_uid != 0 || buf.st_gid != 0 ||
+ (buf.st_mode & S_IWOTH) != 0) {
+ fprintf(stderr, PFX "Warning: unsecure config directory
'%s'.\n",
+ IBV_CONFIG_DIR);
+ return;
+ }
+
conf_dir = opendir(IBV_CONFIG_DIR);
if (!conf_dir) {
fprintf(stderr, PFX "Warning: couldn't open config directory
'%s'.\n",
@@ -306,8 +320,6 @@ static void read_config(void)
}
while ((dent = readdir(conf_dir))) {
- struct stat buf;
-
if (dent->d_name[0] == '.')
continue;
@@ -329,6 +341,13 @@ static void read_config(void)
if (!S_ISREG(buf.st_mode))
goto next;
+ if (buf.st_uid != 0 || buf.st_gid != 0 ||
+ (buf.st_mode & S_IWOTH) != 0) {
+ fprintf(stderr, PFX "Warning: unsecure config file
'%s'.\n",
+ path);
+ goto next;
+ }
+
read_config_file(path);
next:
free(path);
--
1.7.11.7
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
